Annotate

spec/util_hashes_spec.lua @ 12713:52eead170bb8

util.paseto: Drop custom wrappers around key objects The PASETO spec recommends - no, *requires* - that implementations enforce type safety for keys, and e.g. do not pass them around as arbitrary byte strings. Typed wrapper objects are recommended. I originally followed this advice when starting the lib. However, key wrapping and type safety is now also a feature of util.crypto. All we're doing is duplicating it unnecessarily with this additional wrapper code.
author Matthew Wild <mwild1@gmail.com>
date Mon, 11 Jul 2022 14:30:39 +0100
parent 12564:36e769c64054
child 12836:dbe9781fd278
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
9964
f299d4917dd8 util.hashes: Add test vectors from RFC 6070 for PBKDF2 (aka SCRAM Hi())
Kim Alvefur <zash@zash.se>
parents:
diff changeset
1 -- Test vectors from RFC 6070
f299d4917dd8 util.hashes: Add test vectors from RFC 6070 for PBKDF2 (aka SCRAM Hi())
Kim Alvefur <zash@zash.se>
parents:
diff changeset
2 local hashes = require "util.hashes";
f299d4917dd8 util.hashes: Add test vectors from RFC 6070 for PBKDF2 (aka SCRAM Hi())
Kim Alvefur <zash@zash.se>
parents:
diff changeset
3 local hex = require "util.hex";
f299d4917dd8 util.hashes: Add test vectors from RFC 6070 for PBKDF2 (aka SCRAM Hi())
Kim Alvefur <zash@zash.se>
parents:
diff changeset
4
f299d4917dd8 util.hashes: Add test vectors from RFC 6070 for PBKDF2 (aka SCRAM Hi())
Kim Alvefur <zash@zash.se>
parents:
diff changeset
5 -- Also see spec for util.hmac where HMAC test cases reside
f299d4917dd8 util.hashes: Add test vectors from RFC 6070 for PBKDF2 (aka SCRAM Hi())
Kim Alvefur <zash@zash.se>
parents:
diff changeset
6
10747
63a89b876407 util.hashes: Use generic name of PBKDF2-HMAC-SHA1 function in tests
Kim Alvefur <zash@zash.se>
parents: 9970
diff changeset
7 describe("PBKDF2-HMAC-SHA1", function ()
9964
f299d4917dd8 util.hashes: Add test vectors from RFC 6070 for PBKDF2 (aka SCRAM Hi())
Kim Alvefur <zash@zash.se>
parents:
diff changeset
8 it("test vector 1", function ()
f299d4917dd8 util.hashes: Add test vectors from RFC 6070 for PBKDF2 (aka SCRAM Hi())
Kim Alvefur <zash@zash.se>
parents:
diff changeset
9 local P = "password"
f299d4917dd8 util.hashes: Add test vectors from RFC 6070 for PBKDF2 (aka SCRAM Hi())
Kim Alvefur <zash@zash.se>
parents:
diff changeset
10 local S = "salt"
f299d4917dd8 util.hashes: Add test vectors from RFC 6070 for PBKDF2 (aka SCRAM Hi())
Kim Alvefur <zash@zash.se>
parents:
diff changeset
11 local c = 1
f299d4917dd8 util.hashes: Add test vectors from RFC 6070 for PBKDF2 (aka SCRAM Hi())
Kim Alvefur <zash@zash.se>
parents:
diff changeset
12 local DK = "0c60c80f961f0e71f3a9b524af6012062fe037a6";
12355
a0ff5c438e9d util.hex: Deprecate to/from in favour of encode/decode, for consistency!
Matthew Wild <mwild1@gmail.com>
parents: 10748
diff changeset
13 assert.equal(DK, hex.encode(hashes.pbkdf2_hmac_sha1(P, S, c)));
9964
f299d4917dd8 util.hashes: Add test vectors from RFC 6070 for PBKDF2 (aka SCRAM Hi())
Kim Alvefur <zash@zash.se>
parents:
diff changeset
14 end);
f299d4917dd8 util.hashes: Add test vectors from RFC 6070 for PBKDF2 (aka SCRAM Hi())
Kim Alvefur <zash@zash.se>
parents:
diff changeset
15 it("test vector 2", function ()
f299d4917dd8 util.hashes: Add test vectors from RFC 6070 for PBKDF2 (aka SCRAM Hi())
Kim Alvefur <zash@zash.se>
parents:
diff changeset
16 local P = "password"
f299d4917dd8 util.hashes: Add test vectors from RFC 6070 for PBKDF2 (aka SCRAM Hi())
Kim Alvefur <zash@zash.se>
parents:
diff changeset
17 local S = "salt"
f299d4917dd8 util.hashes: Add test vectors from RFC 6070 for PBKDF2 (aka SCRAM Hi())
Kim Alvefur <zash@zash.se>
parents:
diff changeset
18 local c = 2
f299d4917dd8 util.hashes: Add test vectors from RFC 6070 for PBKDF2 (aka SCRAM Hi())
Kim Alvefur <zash@zash.se>
parents:
diff changeset
19 local DK = "ea6c014dc72d6f8ccd1ed92ace1d41f0d8de8957";
12355
a0ff5c438e9d util.hex: Deprecate to/from in favour of encode/decode, for consistency!
Matthew Wild <mwild1@gmail.com>
parents: 10748
diff changeset
20 assert.equal(DK, hex.encode(hashes.pbkdf2_hmac_sha1(P, S, c)));
9964
f299d4917dd8 util.hashes: Add test vectors from RFC 6070 for PBKDF2 (aka SCRAM Hi())
Kim Alvefur <zash@zash.se>
parents:
diff changeset
21 end);
f299d4917dd8 util.hashes: Add test vectors from RFC 6070 for PBKDF2 (aka SCRAM Hi())
Kim Alvefur <zash@zash.se>
parents:
diff changeset
22 it("test vector 3", function ()
f299d4917dd8 util.hashes: Add test vectors from RFC 6070 for PBKDF2 (aka SCRAM Hi())
Kim Alvefur <zash@zash.se>
parents:
diff changeset
23 local P = "password"
f299d4917dd8 util.hashes: Add test vectors from RFC 6070 for PBKDF2 (aka SCRAM Hi())
Kim Alvefur <zash@zash.se>
parents:
diff changeset
24 local S = "salt"
f299d4917dd8 util.hashes: Add test vectors from RFC 6070 for PBKDF2 (aka SCRAM Hi())
Kim Alvefur <zash@zash.se>
parents:
diff changeset
25 local c = 4096
f299d4917dd8 util.hashes: Add test vectors from RFC 6070 for PBKDF2 (aka SCRAM Hi())
Kim Alvefur <zash@zash.se>
parents:
diff changeset
26 local DK = "4b007901b765489abead49d926f721d065a429c1";
12355
a0ff5c438e9d util.hex: Deprecate to/from in favour of encode/decode, for consistency!
Matthew Wild <mwild1@gmail.com>
parents: 10748
diff changeset
27 assert.equal(DK, hex.encode(hashes.pbkdf2_hmac_sha1(P, S, c)));
9964
f299d4917dd8 util.hashes: Add test vectors from RFC 6070 for PBKDF2 (aka SCRAM Hi())
Kim Alvefur <zash@zash.se>
parents:
diff changeset
28 end);
f299d4917dd8 util.hashes: Add test vectors from RFC 6070 for PBKDF2 (aka SCRAM Hi())
Kim Alvefur <zash@zash.se>
parents:
diff changeset
29 it("test vector 4 #SLOW", function ()
f299d4917dd8 util.hashes: Add test vectors from RFC 6070 for PBKDF2 (aka SCRAM Hi())
Kim Alvefur <zash@zash.se>
parents:
diff changeset
30 local P = "password"
f299d4917dd8 util.hashes: Add test vectors from RFC 6070 for PBKDF2 (aka SCRAM Hi())
Kim Alvefur <zash@zash.se>
parents:
diff changeset
31 local S = "salt"
f299d4917dd8 util.hashes: Add test vectors from RFC 6070 for PBKDF2 (aka SCRAM Hi())
Kim Alvefur <zash@zash.se>
parents:
diff changeset
32 local c = 16777216
f299d4917dd8 util.hashes: Add test vectors from RFC 6070 for PBKDF2 (aka SCRAM Hi())
Kim Alvefur <zash@zash.se>
parents:
diff changeset
33 local DK = "eefe3d61cd4da4e4e9945b3d6ba2158c2634e984";
12355
a0ff5c438e9d util.hex: Deprecate to/from in favour of encode/decode, for consistency!
Matthew Wild <mwild1@gmail.com>
parents: 10748
diff changeset
34 assert.equal(DK, hex.encode(hashes.pbkdf2_hmac_sha1(P, S, c)));
9964
f299d4917dd8 util.hashes: Add test vectors from RFC 6070 for PBKDF2 (aka SCRAM Hi())
Kim Alvefur <zash@zash.se>
parents:
diff changeset
35 end);
f299d4917dd8 util.hashes: Add test vectors from RFC 6070 for PBKDF2 (aka SCRAM Hi())
Kim Alvefur <zash@zash.se>
parents:
diff changeset
36 end);
f299d4917dd8 util.hashes: Add test vectors from RFC 6070 for PBKDF2 (aka SCRAM Hi())
Kim Alvefur <zash@zash.se>
parents:
diff changeset
37
10748
93293891709b util.hashes: Fix output length of PBKDF2-HMAC-SHA256
Kim Alvefur <zash@zash.se>
parents: 10747
diff changeset
38 describe("PBKDF2-HMAC-SHA256", function ()
93293891709b util.hashes: Fix output length of PBKDF2-HMAC-SHA256
Kim Alvefur <zash@zash.se>
parents: 10747
diff changeset
39 it("test vector 1", function ()
93293891709b util.hashes: Fix output length of PBKDF2-HMAC-SHA256
Kim Alvefur <zash@zash.se>
parents: 10747
diff changeset
40 local P = "password";
93293891709b util.hashes: Fix output length of PBKDF2-HMAC-SHA256
Kim Alvefur <zash@zash.se>
parents: 10747
diff changeset
41 local S = "salt";
93293891709b util.hashes: Fix output length of PBKDF2-HMAC-SHA256
Kim Alvefur <zash@zash.se>
parents: 10747
diff changeset
42 local c = 1
93293891709b util.hashes: Fix output length of PBKDF2-HMAC-SHA256
Kim Alvefur <zash@zash.se>
parents: 10747
diff changeset
43 local DK = "120fb6cffcf8b32c43e7225256c4f837a86548c92ccc35480805987cb70be17b";
12355
a0ff5c438e9d util.hex: Deprecate to/from in favour of encode/decode, for consistency!
Matthew Wild <mwild1@gmail.com>
parents: 10748
diff changeset
44 assert.equal(DK, hex.encode(hashes.pbkdf2_hmac_sha256(P, S, c)));
10748
93293891709b util.hashes: Fix output length of PBKDF2-HMAC-SHA256
Kim Alvefur <zash@zash.se>
parents: 10747
diff changeset
45 end);
93293891709b util.hashes: Fix output length of PBKDF2-HMAC-SHA256
Kim Alvefur <zash@zash.se>
parents: 10747
diff changeset
46 it("test vector 2", function ()
93293891709b util.hashes: Fix output length of PBKDF2-HMAC-SHA256
Kim Alvefur <zash@zash.se>
parents: 10747
diff changeset
47 local P = "password";
93293891709b util.hashes: Fix output length of PBKDF2-HMAC-SHA256
Kim Alvefur <zash@zash.se>
parents: 10747
diff changeset
48 local S = "salt";
93293891709b util.hashes: Fix output length of PBKDF2-HMAC-SHA256
Kim Alvefur <zash@zash.se>
parents: 10747
diff changeset
49 local c = 2
93293891709b util.hashes: Fix output length of PBKDF2-HMAC-SHA256
Kim Alvefur <zash@zash.se>
parents: 10747
diff changeset
50 local DK = "ae4d0c95af6b46d32d0adff928f06dd02a303f8ef3c251dfd6e2d85a95474c43";
12355
a0ff5c438e9d util.hex: Deprecate to/from in favour of encode/decode, for consistency!
Matthew Wild <mwild1@gmail.com>
parents: 10748
diff changeset
51 assert.equal(DK, hex.encode(hashes.pbkdf2_hmac_sha256(P, S, c)));
10748
93293891709b util.hashes: Fix output length of PBKDF2-HMAC-SHA256
Kim Alvefur <zash@zash.se>
parents: 10747
diff changeset
52 end);
93293891709b util.hashes: Fix output length of PBKDF2-HMAC-SHA256
Kim Alvefur <zash@zash.se>
parents: 10747
diff changeset
53 end);
93293891709b util.hashes: Fix output length of PBKDF2-HMAC-SHA256
Kim Alvefur <zash@zash.se>
parents: 10747
diff changeset
54
93293891709b util.hashes: Fix output length of PBKDF2-HMAC-SHA256
Kim Alvefur <zash@zash.se>
parents: 10747
diff changeset
55
12564
36e769c64054 util.hashes: Add SHA3 bindings
Kim Alvefur <zash@zash.se>
parents: 12355
diff changeset
56 describe("SHA-3", function ()
36e769c64054 util.hashes: Add SHA3 bindings
Kim Alvefur <zash@zash.se>
parents: 12355
diff changeset
57 describe("256", function ()
36e769c64054 util.hashes: Add SHA3 bindings
Kim Alvefur <zash@zash.se>
parents: 12355
diff changeset
58 it("works", function ()
36e769c64054 util.hashes: Add SHA3 bindings
Kim Alvefur <zash@zash.se>
parents: 12355
diff changeset
59 local expected = "a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a"
36e769c64054 util.hashes: Add SHA3 bindings
Kim Alvefur <zash@zash.se>
parents: 12355
diff changeset
60 assert.equal(expected, hashes.sha3_256("", true));
36e769c64054 util.hashes: Add SHA3 bindings
Kim Alvefur <zash@zash.se>
parents: 12355
diff changeset
61 end);
36e769c64054 util.hashes: Add SHA3 bindings
Kim Alvefur <zash@zash.se>
parents: 12355
diff changeset
62 end);
36e769c64054 util.hashes: Add SHA3 bindings
Kim Alvefur <zash@zash.se>
parents: 12355
diff changeset
63 describe("512", function ()
36e769c64054 util.hashes: Add SHA3 bindings
Kim Alvefur <zash@zash.se>
parents: 12355
diff changeset
64 it("works", function ()
36e769c64054 util.hashes: Add SHA3 bindings
Kim Alvefur <zash@zash.se>
parents: 12355
diff changeset
65 local expected = "a69f73cca23a9ac5c8b567dc185a756e97c982164fe25859e0d1dcc1475c80a615b2123af1f5f94c11e3e9402c3ac558f500199d95b6d3e301758586281dcd26"
36e769c64054 util.hashes: Add SHA3 bindings
Kim Alvefur <zash@zash.se>
parents: 12355
diff changeset
66 assert.equal(expected, hashes.sha3_512("", true));
36e769c64054 util.hashes: Add SHA3 bindings
Kim Alvefur <zash@zash.se>
parents: 12355
diff changeset
67 end);
36e769c64054 util.hashes: Add SHA3 bindings
Kim Alvefur <zash@zash.se>
parents: 12355
diff changeset
68 end);
36e769c64054 util.hashes: Add SHA3 bindings
Kim Alvefur <zash@zash.se>
parents: 12355
diff changeset
69 end);
36e769c64054 util.hashes: Add SHA3 bindings
Kim Alvefur <zash@zash.se>
parents: 12355
diff changeset
70